Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech
Semantic Web Policy Systems
Presented By: John Paul Dunning


Semantic Web Policy Systems
“A meta-control architecture for orchestrating policy enforcement across heterogeneous information sources”
Jinghai Rao, Alberto Sardinha, Norman Sadeh
Carnegie Mellon University

Overview
Context-sensitive security and privacy policies
Decentralized trust management
Challenges include:
  • sources of information vary from one principal to another
  • sources of information may vary over time
  • sources of information may not be known ahead of time

Contributions of Paper
“Development of a semantic web framework and a meta-control model for opportunistically interleaving policy reasoning and web service discovery to enforce context-sensitive policies”
Extension of XACML ontology
Language independent system

XACML
“XACML is an initiative to develop a standard for access control and authorization systems... XACML aims to achieve the following:
  • Create a portable and standard way of describing access control entities and their attributes.
  • Provide a mechanism that offers much finer granular access control than simply denying or granting access -- that is, a mechanism that can enforce some before and after actions along with "permit" or "deny" permission.”

Information Disclosure Agent (IDA)
Policy Enforcement Agent (PEA)
Controls access to information and service access through policies
Uses policy enforcement
  • Control policies
  • Obfuscation policies

Information Disclosure Agent (IDA)
Interact across various networks
Encrypted traffic
Language Independent (with interpreter)

Information Disclosure Agent (IDA)

Meta-Controller
Monitors progress and determines the next step
Cycle
Meta-Control Housekeeping Module
Modules complete tasks

Meta-Controller
Query status information includes:
  • A query status ID
  • Status predicates
  • A query ID and query element ID
  • A parent query status ID
  • A time stamp

Meta-Controller

Policy Reasoner
Evaluating relevant policies
Return policy decisions
Modules:
  • Query Decomposition Module
  • Access Control Module
  • Obfuscation Module

Information Collector
Gathering facts
Modules:
  • Local Information Reasoner
  • Service Discovery Module
  • Service Invocation Module
  • User Interface

Service Discovery and Invocation
IDAs are constantly sending queries and results back and forth
Multiple queries between IDAs
Node deadlock is possible and avoidable
  • Time outs
  • Query dependency graphs
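An added sketch, not taken from the slides or the paper, of the two deadlock safeguards named above: a query dependency graph that refuses a query which would close a wait cycle between IDAs, with time-outs as the fallback. The record fields follow the query status slide; the DependencyTracker class, its method names, the predicate strings and the IDA labels used with it are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class QueryStatus:
    # Fields mirror the slide's list; names and types are assumptions.
    status_id: int
    query_id: str
    element_id: str
    parent_status_id: Optional[int]
    timestamp: float
    predicates: set = field(default_factory=set)

class DependencyTracker:
    """Hypothetical helper: records which IDA waits on which."""

    def __init__(self, timeout_s: float):
        self.timeout_s = timeout_s
        self.waits = {}  # (asker, answerer) -> QueryStatus

    def _reachable(self, start: str, goal: str) -> bool:
        # Depth-first search along "waits on" edges.
        stack, seen = [start], set()
        while stack:
            node = stack.pop()
            if node == goal:
                return True
            if node not in seen:
                seen.add(node)
                stack.extend(b for (a, b) in self.waits if a == node)
        return False

    def try_send(self, asker: str, answerer: str, status: QueryStatus) -> bool:
        # Refuse the query if the answerer already waits, directly or
        # transitively, on the asker: that edge would close a cycle.
        if self._reachable(answerer, asker):
            status.predicates.add("refused-cycle")
            return False
        self.waits[(asker, answerer)] = status
        return True

    def expire(self, now: float) -> list:
        # Time-out fallback: drop waits older than timeout_s.
        stale = sorted(k for k, s in self.waits.items()
                       if now - s.timestamp > self.timeout_s)
        for key in stale:
            self.waits.pop(key).predicates.add("timed-out")
        return stale
```

Call try_send before forwarding a query to another IDA and expire on each meta-control cycle; a refused or timed-out query is where the requester would fall back to a default decision.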

Example Scenario
Bob is an employee of SATElectronics Corporation
Bob contracts to United GenSat
Bob wants the schedule for deployment of SAT 777 from United GenSat, which is a product he has been working on.

Example Scenario

Beyond Access Control Policies

Q&A
How easy are the policies to create/update/delete?
What is the overhead of this system vs. a standard form of authentication?